bullseye triage

Moritz Muehlenhoff (@jmm) Thu, 30 Nov 2023 00:49:55 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4973ede0 by Moritz Muehlenhoff at 2023-11-30T09:49:24+01:00
bookworm/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,6 +70,8 @@ CVE-2023-35137 (An improper authentication vulnerability in 
the authentication m
        TODO: check
 CVE-2023-6378 (A serialization vulnerability in logback receiver component 
part of  l ...)
        - logback <unfixed>
+       [bookworm] - logback <no-dsa> (Minor issue)
+       [bullseye] - logback <no-dsa> (Minor issue)
        NOTE: https://logback.qos.ch/news.html#1.3.12
 CVE-2023-6218 (In Progress MOVEit Transfer versions released before 2022.0.9 
(14.0.9) ...)
        NOT-FOR-US: Progress MOVEit Transfer
@@ -191,6 +193,8 @@ CVE-2023-45539 (HAProxy before 2.8.2 accepts # as part of 
the URI component, whi
        NOTE: 
https://git.haproxy.org/?p=haproxy-2.2.git;a=commit;h=178cea76b1c9d9413afa6961b6a4576fcb5b26fa
 (v2.3.31)
 CVE-2023-45286 (A race condition in go-resty can result in HTTP request body 
disclosur ...)
        - golang-github-go-resty-resty <unfixed>
+       [bookworm] - golang-github-go-resty-resty <no-dsa> (Minor issue)
+       [bullseye] - golang-github-go-resty-resty <no-dsa> (Minor issue)
        NOTE: https://github.com/go-resty/resty/issues/743
        NOTE: https://github.com/go-resty/resty/issues/739
        NOTE: https://github.com/go-resty/resty/pull/745


=====================================
data/dsa-needed.txt
=====================================
@@ -36,7 +36,7 @@ linux (carnil)
 nbconvert/oldstable
   Guilhem Moulin proposed an update ready for review
 --
-nghttp2
+nghttp2 (jmm)
 --
 nodejs
   maintainer proposed to follow the upstream 18.x LTS branch
@@ -55,8 +55,7 @@ python3.11/stable (carnil)
 --
 python3.9/oldstable
 --
-rabbitmq-server
-  Maintainer suggested to release fixes for CVE-2023-46118 via DSA
+rabbitmq-server (jmm)
 --
 redmine/stable
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4973ede0bfa564ecbab5a4a8c54d2a28d1c8a5e1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4973ede0bfa564ecbab5a4a8c54d2a28d1c8a5e1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Reply via email to